<?php
session_start();
//connessione al database
include 'connect.php';

$id = $_SESSION['userid'];
$vpass = md5($_POST['vpass']);
$npass = md5($_POST['npass']);

$verifica = mysql_query("Select password from utenti where id='$id'");
$verifica2 = mysql_fetch_row($verifica);
$pass = $verifica2[0];

if($pass != $vpass)
{
?>
<script language="Javascript">
alert("La password vecchia da te inserita non corrisponde con quella attualmente salvata");
browser= navigator.appName;
if (browser == "Netscape")
window.location="home.php?page=modificalogin"; else window.location="home.php?page=modificalogin"
</script>
<?php
exit();
}

$update=mysql_query("update utenti set password='$npass' where id='$id'");

if(!$update) {
?>
<script language="Javascript">
alert("Errore nella modifica");
window.location="home.php?page=modificalogin";
</script>
<?php
exit();
}
else
{
?>
<script language="Javascript">
alert("Password cambiata");
</script>
<?php
}
?>

<script language="Javascript">
browser= navigator.appName;
if (browser == "Netscape")
window.location="home.php?page=modificalogin"; else window.location="home.php?page=modificalogin"
</script>